Personal Info For 100 Million Facebook Users Harvested Into One File

Do you share your personal info with everyone on Facebook? If so, there’s a decent chance that data is now part of a file — containing information for around 100 million users of the social networking site — that’s now making its way around the Web.

The file was compiled by a security consultant who wanted to show how easy it was to harvest all the information from Facebook users who hadn’t made their profiles private. The info contained in the file does not include phone numbers, e-mail or postal addresses, though it’s conceivable that this information could be just as easily harvested.

Facebook poo-pooed the news, saying that the information on the shared file is already publicly available:

People who use Facebook own their information and have the right to share only what they want, with whom they want, and when they want… In this case, information that people have agreed to make public was collected by a single researcher and already exists in Google, Bing, other search engines, as well as on Facebook… No private data is available or has been compromised.

While it is true that all the information in the file is readily available because those users didn’t make their profiles private, a privacy expert complains to the BBC that the massive size of this data harvest shows that many Facebook users don’t understand their privacy settings:

It is inconceivable that a firm with hundreds of engineers couldn’t have imagined a trawl of this magnitude and there’s an argument to be heard that Facebook have acted with negligence… People did not understand the privacy settings and this is the result.

Ummmmm, I just tried to put openfacebook.org as a link to my friend on facebook, and shockingly it treated it as spam. I then wrote directly in the message, nope it was now considered an ‘error’ or ‘unable to post’……So…..I wrote it as a sentence with spaces and that finally worked! FU facebook!

Wait, why is this evidence that people didn’t understand the privacy settings? Because people chose to make information available to everyone? I understand the privacy settings and I willingly allow some information to be viewed by anyone.

I’m not assuming anyone is like me, I’m simply offering myself as a counter example to the claim that 100 million names in a file is evidence that people don’t understand facebook privacy settings. The only way you could base that claim on the existence of this file is if you assume that none of those people wanted their name to be publicly visible. That’s clearly not true. If their belief is that some PORTION of Facebook users would want that information to be private, then that is consistent with the contents of this file – the file only contains 20% of Facebook users.

On the topic of privacy settings and confusion – has your name EVER been private by default?

This whole thing is just silly – is it news to anyone that information they chose to make available to everyone actually IS available to everyone?

It would be interesting to trawl facebook and do a sort of 6 degrees kind of thing though.

You need a large portion of people to say something to go either way though. Them saying “many Facebook users don’t understand their privacy settings” also requires a bunch of people to pipe up and say they didn’t expect this data to be available.

I’m assuming the consultant simply wanted to point out privacy issues instead of being a complete ass. That said, he decided to leave out phone numbers and email addresses that were publicly available.

However, it would be just as easy for someone else to pull that information using the same procedure as this consultant.

Facebook says I own my data, but unfortunately, they give me as a user absolutely zero ability to search that data within the Facebook interface, and the only management capability is the Delete button. You cannot change the privacy settings of an existing post, and the only way to locate old posts you made is to click “Older Posts” which might take you several hours, depending on how far back you want to go. I am annoyed that a third-party aggregator has more control over my data than I do.

I like engadget’s headline
“100 million Facebook pages leaked to a torrent site, creating the world’s least exciting torrent”

A very boring torrent indeed, but it sucks that the information can just be taken with this. I just checked my settings everything but photos i’m tagged in is set to friends only (photo’s I’m tagged in is friends of friends)

I wonder if any of those people who “did not make their profiles private” were owners of profiles that Facebook was kind enough to make public during one of their multiple policy changes.

Regardless, it’s simple. If you don’t want information about you getting out to people you don’t know, don’t post it online. Especially phone numbers! I know several people that have their cell phone number plastered all over their profile, who complain constantly about the number of prank calls, telemarketers, text message advertisements that they keep getting.

I am not now, nor have I *ever* used or registered for, or participated on one of the so-called “social networking” sites. Having been connecting with people on the internet since the mid 1980’s, I have plenty of other resources with which to do this and am able to stay in touch very well with my friends and family.

I use a very strong SPAM filter with my email client and maintain a “junk” email account for those times when I must provide an email address in order to register on a website or do business with a company on line.

If I “Google” myself there at least ten pages of results for other people with the same (or similar) name as mine, until eventually a few statle references show up from ten years ago.

And yes – I have lots of interesting and fascinating friends, most of whom could not care less that I’m standing on line at the bank behind some “hot” looking person, am about to have a hamburger at that new place everybody’s talking about.

ZZZZzzzzzzzzzz

The reason people post every bit of their lives on the internet is due to the fact that we now live in a society which communicates via the media – and with the ever-rising popularity of those “Reality TV” shows – we have less real interest in maintaining our privacy.

The solution to this problem is quite easy- the only things you should post online are things you *want* people to know about you. I can’t believe that is so hard to figure out for so many people. I’m on Facebook & I’ve never had any problems with security. And keep your profiles private, people! I don’t even have any sensitive info on my profile & my shit is STILL almost completely locked down. Mainly so I can bitch about my job w/o getting in trouble with my manager, but still.

I have friends that post their phone numbers, kids’ names/ages/schools, & even their ADDRESSES on there, and ALL of it is public too. Do they WANT to be harassed/stalked/robbed/raped??? Combined with TMI status updates every 5 minutes, it’s like handing out an index card with your address, phone number, daily schedule, & a list of your fears to every stranger on the street.

Nothing on my facebook profile is stuff that can’t be obtained elsewhere, namely my personal site, or wikipedia. In fact, Wikipedia has more info on me than facebook, including my DOB, hometown, school and university, even the city I now live in. Ah the perils of being ‘notable’

I think the situation comes up when people just want to use a feature but get bombarded with questions that they feel need to be answered to use that said feature. So let us say that they want to talk to Billy using the built-in instant messenger on Facebook. They create an account and get asked “What is your name? What is your phone number? What do you like to do?” They feel obligated to answer despite that tiny skip button at the bottom.

Then they think their information is kept within a small group. Most people are blissfully unaware that some of your information is actually given out publicly. They really don’t know. All they know is that they can talk to Billy now and nothing else matters.

Regardless of privacy settings, people need to regard Facebook as the equivalent of a big bulletin board in the middle of a public park, because it may very well become that in many cases. Maybe Facebook won’t give it up to a subpoena for information, but a divorce attorney, for example, may be able to subpoena somebody you’ve friended who’s read your information.

If you want to tell people things, best to have drinks with them. I use Facebook to cross-post stuff I post on my blog, to promote media appearances, and to “yay” friends when they post about their accomplishments. Anything else, it’s really a security risk.

It’s simple. Don’t give Facebook any information that you know isn’t available through public records. Facebook has my name, my spouse’s name, my email address (which I kind of wish they didn’t, but that’s the cost of having an account), the town I live in, and my date of birth. Except for the email address, anyone can look that information up at little cost other than their time.

That’s all they have. I don’t worry about losing that information, because for the most part I’d lost it long before I signed up for Facebook.

It’s a phone book. It’s just a big freaking phone book filled with names and the already public URL to the profile of the person.

That’s it…no history of wall posts, no home address’s, no phone numbers. This is FUD pure and simple and doesn’t represent any type of security breach at all. Oh noes! There’s a flat text file out there with my name in it, quick Stranger Danger!

So what? If you don’t put anything on your Facebook profile that you don’t want others to know, who cares if others get a hold of that information? What I have a problem with is people who send me a friend request and have a locked-down profile so I can’t know who they are without friending them…one turned out to be an aggressive neo-Nazi who was proud that he was passing on his hate to his children. Unfriended immediately and felt like I needed to take a shower.

This is a lot of rubbish. Anyone who uses Facebook without setting their privacy options deserves what they get.

I made my profile public and put exactly what I wanted people to see on it. It doesn’t have my birthday. I’m not worried if someone knows what town I live in. They can get that from any phone book or public database site. Everything else on my website is for my friends only. Can they make copies of stuff and post it elsewhere? Sure, But I don’t put anything on the web that I don’t want anyone to see, ever.